Results 1 to 3 of 3
Hybrid View
-
7th June 2008 13:54 #1
06.06.2008, TechNews.bg
" , , Dark Reading. Gpcode, - Virus.Win32.Gpcode.ak, .
RSA 1024 .doc, .pdf, .txt, .jpg, .xls, .png . Gpcode , ._crypt.
!_read_me_!.txt, , .
, . - Gpcode ."
http://technews.bg/info.php?id=8345
---
Kaspersky Lab Detects Variant of Gpcode
Kaspersky Lab warns of new variant of dangerous blackmailing virus, Gpcode
05.06.2008, WOBURN, Mass.
"Kaspersky Lab, a leading developer of Internet threat management solutions that protect against all forms of malicious software, has informed the public that it has been the first to detect a new variant of Gpcode, a dangerous encryptor virus - Virus.Win32.Gpcode.ak. Kaspersky Lab added a signature for Virus.Win32.Gpcode.ak on June 4, 2008.
Gpcode.ak encrypts files with various extensions including, but not limited to, .doc, .txt, .pdf, .xls, .jpg, .png, .cpp, .h and more using an RSA encryption algorithm with a 1024-bit key. Kaspersky Lab analysts succeeded in thwarting previous variants of Gpcode, when Kaspersky virus researchers were able to crack the private key after in-depth cryptographic analysis. The author of Gpcode has taken two years to improve the virus: the previous errors have been fixed and the key has been lengthened to 1024 bits instead of 660 bits.
At the time of writing, Kaspersky Lab is unable to decrypt files encrypted by Gpcode.ak since the key is 1024 bits long. Thus, the only way currently to decrypt the encrypted files is to use the private key which only the author has available at a fee.
"With this new version of Gpcode, weve encountered ransomware which seems impossible to crack during this early stage of detection. Next to running anti-malware solutions the best measure to fight this kind of malware is to regularly create back-ups of the files stored on the computer, said Roel Schouwenberg, Senior Anti-Virus Researcher, Kaspersky Lab. We strongly discourage infected people to pay the ransom as this will only encourage the author to create new versions."
http://www.darkreading.com/document....&WT.svl=wire_1
-
7th June 2008 14:56 #2Prolemuris
Join Date: Oct:2006
Location: Varna
Posts: 4,296
.
-
7th June 2008 16:12 #3




Reply With Quote

R9 280,
7th May 2023, 21:28 in